Email Admin’s Weblog

Gluing Linux email systems since 2000

  • Blog Stats

    • 6,647 hits

Posts Tagged ‘pyzor’

My case of pyzor: check failed: internal error

Posted by Maciej Sołtysiak on June 23, 2008

One of my routine tasks is, of course, to check the logs of running systems. I stumbled upon this warning message in my spamassassin logs:

warn: pyzor: check failed: internal error

Being a lazy person I usually google for an answer but in this case each advice I found didn’t apply to me. This means I had to do detective work.

Okay, so it looked like pyzor’s having some problems. Since it is usually executed as merely one of the programs in a scanning path, normally you might not even notice it’s not running right because other engines may work well enough. You might just notice increased spam levels or more false positives. Anyway what you should do is some checking, eg. using the pyzor ping command, as such:

# pyzor ping
82.94.255.100:24441     (200, 'OK')

This tells us that pyzor’s working fine and the server IP it has cached is also responding properly. Now let’s take a step back. Where did I get this message from. Who (what process) wrote it, to which log…

Well, this was found in the spamassassin log in /var/log/spamd/current. In Bill Shupp’s qmail toaster you get SA logging exactly there. It’s started from daemontools via the /service/spamd/run script. In there you usually have something like:

#!/bin/sh
exec /usr/sbin/spamd -x -u vpopmail -s stderr 2>&1

So pyzor was being executed from spamassassin with privileges of the user it was running under. And here we see that spamassassin is running under the vpopmail user. Well, so let’s check out our spamassassin configuration and permissions in there. They are usually in /etc/mail/spamassassin. Checking the local.cf file I found that I have a directive pointing pyzor where to look for it’s per-user config. Including the servers that are obtained with the pyzor discover command (found in the servers file). The config line that was doing this was (local.cf):

pyzor_options --homedir /etc/mail/spamassassin

Okay, so I have all my pyzor settings that are executed from spamassassin with vpopmail user in there. Let’s checkout permissions:

drwxr-xr-x   4 root     root  4096 2008-06-08 19:34 .
drwxr-xr-x 118 root     root 12288 2008-06-21 14:48 ..
-rw-r--r--   1 root     root   939 2007-10-01 20:55 65_debian.cf
lrwxrwxrwx   1 root     root    16 2007-10-24 07:21 FuzzyOcr.cf -> FuzzyOcr.cf.real
-rw-r--r--   1 root     root  5448 2007-05-03 00:54 FuzzyOcr.cf.real
-rw-r--r--   1 root     root   425 2007-05-03 00:54 FuzzyOcr.words
-rw-r--r--   1 root     root  1297 2008-06-08 19:34 init.pre
-rw-r--r--   1 root     root   689 2008-03-22 13:12 local.cf
-rw-r--r--   1 root     root  1208 2007-10-24 06:21 local.cf.bak
drwx------   2 root     root  4096 2008-06-17 07:29 sa-update-keys
-rw-------   1 root     root    20 2008-03-22 13:11 servers
drwxr-xr-x   2 vpopmail root  4096 2008-06-23 02:44 .spamassassin
-rw-r--r--   1 root     root  2599 2008-06-08 19:33 v310.pre
-rw-r--r--   1 root     root  1194 2007-10-24 06:16 v312.pre
-rw-r--r--   1 root     root  2412 2008-06-08 19:33 v320.pre

The culprit is the red server file. As you see vpopmail user can’t access it. Changing the permissions accordingly fixed my problem. 🙂

Note that I am currently not sure if I added this line myself, was it some installation script or is it a Ubuntu package configuration.

Did you have a similar issue?

Advertisements

Posted in Problem scenarios | Tagged: , | 7 Comments »